Prev
Next
Forums User Experience Lawson Portal

LSF portal password expiration

 7 Replies
 0 Subscribed to this topic
 13 Subscribed to this forum
Sort:
Author
Messages
seant
New Member
Posts: 3
New Member
1/17/2007 1:38 AM
    I am wondering if you are going to talk about LSF portal password expiration. I would like to know how you think it should work. Do you have any thoughts on the best way to control it? Should we take advantage of websphere/ldap authentication if our ldap is setup for password criteria? Or somehow update Lawson's code to display ldap messages?
    Thanks
    John Henley
    Posts: 3353
    1/26/2007 5:22 PM
      Yes, I do plan on talking about it at some point...(although I'd much rather have Alex Tsekhansky to do it instead!)

      What LDAP are you using? Are you live yet, and/or have you installed LSF9 yet?
      Thanks for using the LawsonGuru.com forums!
      John
      seant
      New Member
      Posts: 3
      New Member
      1/29/2007 1:27 AM
        We are using IBM Tivoli Directory Server. We are not live, but we have installed and are testing LSF9.
        John Henley
        Posts: 3353
        1/29/2007 12:08 PM
          Are you using a directory service (e.g. Active Directory or NDS or what?)in addition to the Tivoli DS you installed with Lawson?

          What platform is Lawson running on (i.e. Windows, Unix, iSeries)?

          Are you upgrading/migrating from v8 or are you a new customer?

          Thanks for using the LawsonGuru.com forums!
          John
          seant
          New Member
          Posts: 3
          New Member
          1/31/2007 9:33 PM
            No, we are not using a directory service.
            We are running on Unix.
            We are upgrading/migrating from v8.
            John Henley
            Posts: 3353
            2/2/2007 2:54 AM
              The short answer is this:

              - If you're using "standard" Lawson 9.0, you're storing your Portal (SSOP) password within Lawson's LDAP container. You can configure Lawson Single-Sign On [SSO] to give your users the ability to change their passwords. However you CANNOT force any expiration or "strong" password rules.

              - You can "bind" the SSOP password to another LDAP (i.e. Active Directory or perhaps another [i.e. non-Lawson] Tivoli DS), which can enforce password expiration and password rules.

              - You can ONLY bind the SSOP password--not the environment password. For UNIX clients, this is pretty much status quo. For Windows clients, this is a step backwards.

              I will expand on this in more detail in future postings/articles.

              Are you *sure* you're not using a directory service? What do you use for your email?
              Thanks for using the LawsonGuru.com forums!
              John
              Peter Barnes
              New Member
              Posts: 2
              New Member
              10/18/2008 8:54 AM
                Good morning John,
                This area of password changing is becoming an extremely hot topic, it would seem!
                We are about to go-live in November on GL and AP(version 9.0.0.4 - new Lawson Client), and would like to enforce standard password change functionality (obviously not in November, but as soon as possible thereafter).
                All in all, it would appear that we are unable (at this point) to invoke forced password updates within Lawson, but as we are an Iseries shop, and it would seem that we will be breaking new ground in trying to integrate Lawson and Active Directory binding.
                Could you possibly point us in the right/ANY direction for expertise/knowledge in this area?
                Your guidance would be oh so much appreciated.
                Regards,
                Peter
                John Henley
                Posts: 3353
                10/20/2008 12:19 PM
                  I have not done an ldapbind on iSeries, but it should work OK--just as it does on UNIX/Windows.
                  Thanks for using the LawsonGuru.com forums!
                  John